openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-1128)

critical Nessus Plugin ID 93732

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

MozillaFirefox was updated to version 49.0 (boo#999701)

- New features

- Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins.

- Added features to Reader Mode that make it easier on the eyes and the ears

- Improved video performance for users on systems that support SSE3 without hardware acceleration

- Added context menu controls to HTML5 audio and video that let users loops files or play files at 1.25x speed

- Improvements in about:memory reports for tracking font memory usage

- Security related fixes

- MFSA 2016-85 CVE-2016-2827 (bmo#1289085) - Out-of-bounds read in mozilla::net::IsValidReferrerPolicy CVE-2016-5270 (bmo#1291016) - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString CVE-2016-5271 (bmo#1288946) - Out-of-bounds read in PropertyProvider::GetSpacingInternal CVE-2016-5272 (bmo#1297934) - Bad cast in nsImageGeometryMixin CVE-2016-5273 (bmo#1280387) - crash in mozilla::a11y::HyperTextAccessible::GetChildOffset CVE-2016-5276 (bmo#1287721) - Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList CVE-2016-5274 (bmo#1282076) - use-after-free in nsFrameManager::CaptureFrameState CVE-2016-5277 (bmo#1291665) - Heap-use-after-free in nsRefreshDriver::Tick CVE-2016-5275 (bmo#1287316) - global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions CVE-2016-5278 (bmo#1294677) - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame CVE-2016-5279 (bmo#1249522)
- Full local path of files is available to web pages after drag and drop CVE-2016-5280 (bmo#1289970) - Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromM ap CVE-2016-5281 (bmo#1284690) - use-after-free in DOMSVGLength CVE-2016-5282 (bmo#932335) - Don't allow content to request favicons from non-whitelisted schemes CVE-2016-5283 (bmo#928187) - <iframe src> fragment timing attack can reveal cross-origin data CVE-2016-5284 (bmo#1303127) - Add-on update site certificate pin expiration CVE-2016-5256 - Memory safety bugs fixed in Firefox 49 CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4

- requires NSS 3.25

- Mozilla Firefox 48.0.2 :

- Mitigate a startup crash issue caused on Windows (bmo#1291738)

mozilla-nss was updated to NSS 3.25. New functionality :

- Implemented DHE key agreement for TLS 1.3

- Added support for ChaCha with TLS 1.3

- Added support for TLS 1.2 ciphersuites that use SHA384 as the PRF

- In previous versions, when using client authentication with TLS 1.2, NSS only supported certificate_verify messages that used the same signature hash algorithm as used by the PRF. This limitation has been removed.

- Several functions have been added to the public API of the NSS Cryptoki Framework. New functions :

- NSSCKFWSlot_GetSlotID

- NSSCKFWSession_GetFWSlot

- NSSCKFWInstance_DestroySessionHandle

- NSSCKFWInstance_FindSessionHandle Notable changes :

- An SSL socket can no longer be configured to allow both TLS 1.3 and SSLv3

- Regression fix: NSS no longer reports a failure if an application attempts to disable the SSLv2 protocol.

- The list of trusted CA certificates has been updated to version 2.8

- The following CA certificate was Removed Sonera Class1 CA

- The following CA certificates were Added Hellenic Academic and Research Institutions RootCA 2015 Hellenic Academic and Research Institutions ECC RootCA 2015 Certplus Root CA G1 Certplus Root CA G2 OpenTrust Root CA G1 OpenTrust Root CA G2 OpenTrust Root CA G3

Solution

Update the affected MozillaFirefox / mozilla-nss packages.

See Also

https://bugzilla.mozilla.org/show_bug.cgi?id=1249522

https://bugzilla.mozilla.org/show_bug.cgi?id=1280387

https://bugzilla.mozilla.org/show_bug.cgi?id=1282076

https://bugzilla.mozilla.org/show_bug.cgi?id=1284690

https://bugzilla.mozilla.org/show_bug.cgi?id=1287316

https://bugzilla.mozilla.org/show_bug.cgi?id=1287721

https://bugzilla.mozilla.org/show_bug.cgi?id=1288946

https://bugzilla.mozilla.org/show_bug.cgi?id=1289085

https://bugzilla.mozilla.org/show_bug.cgi?id=1289970

https://bugzilla.mozilla.org/show_bug.cgi?id=1291016

https://bugzilla.mozilla.org/show_bug.cgi?id=1291665

https://bugzilla.mozilla.org/show_bug.cgi?id=1291738

https://bugzilla.mozilla.org/show_bug.cgi?id=1294677

https://bugzilla.mozilla.org/show_bug.cgi?id=1297934

https://bugzilla.mozilla.org/show_bug.cgi?id=1303127

https://bugzilla.mozilla.org/show_bug.cgi?id=1304114

https://bugzilla.mozilla.org/show_bug.cgi?id=1304783

https://bugzilla.mozilla.org/show_bug.cgi?id=928187

https://bugzilla.mozilla.org/show_bug.cgi?id=932335

https://bugzilla.opensuse.org/show_bug.cgi?id=999701

Plugin Details

Severity: Critical

ID: 93732

File Name: openSUSE-2016-1128.nasl

Version: 2.7

Type: local

Agent: unix

Published: 9/27/2016

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:mozillafirefox-translations-other, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo, p-cpe:/a:novell:opensuse:libfreebl3, p-cpe:/a:novell:opensuse:mozilla-nss-certs, p-cpe:/a:novell:opensuse:mozilla-nss-tools, p-cpe:/a:novell:opensuse:libsoftokn3, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozillafirefox, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo, p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-debugsource, p-cpe:/a:novell:opensuse:mozilla-nss-devel, p-cpe:/a:novell:opensuse:mozillafirefox-debugsource, p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozillafirefox-debuginfo, p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo, cpe:/o:novell:opensuse:13.1, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-sysinit, p-cpe:/a:novell:opensuse:mozillafirefox-buildsymbols, p-cpe:/a:novell:opensuse:mozillafirefox-devel, p-cpe:/a:novell:opensuse:libsoftokn3-32bit, p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo, p-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream, p-cpe:/a:novell:opensuse:libfreebl3-32bit, p-cpe:/a:novell:opensuse:mozilla-nss, p-cpe:/a:novell:opensuse:mozillafirefox-translations-common, p-cpe:/a:novell:opensuse:mozilla-nss-32bit

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 9/26/2016

Reference Information

CVE: CVE-2016-2827, CVE-2016-5256, CVE-2016-5257, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5274, CVE-2016-5275, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284